Kubernetes architecture
Before explaining the Kubernetes architecture, we are going to define a few of the main terms used in Kubernetes:
- Container - a program packaged with its necessary OS resources, frameworks, and packages
- Node - the smallest unit of computing hardware (a single machine)
- Pod - one or more containers wrapped together and placed on a node
- Cluster - nodes put together to form a powerful computing unit
See below for a visual representation of a Kubernetes cluster:

A Kubernetes architecture consists of two parts: the control plane and the nodes. Each node can be either a physical or virtual machine and has its own environment. Every node runs the pods, which are composed of containers.
The control plane is the "nerve center" that houses Kubernetes components that control the cluster. It also maintains a data record of the configuration and state of all of the cluster’s objects. It consists of several different components:
The API server supports updates, scaling, and other kinds of lifecycle orchestration by providing APIs for various types of applications. It also serves as a gateway, so these APIs can be accessed by clients from outside the cluster.
The scheduler keeps the resource usage data for each node, determines whether a cluster is healthy, and determines whether new containers should be deployed. Then it selects an appropriate compute node and schedules the task, pod, or service, taking resource limitations into consideration.
The controller manager is a daemon that runs the Kubernetes cluster using several controller functions.
etcd is an open-source key-value store that holds configuration data and information about the state of the cluster. It may be configured externally, but usually it is part of the control plane.
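The scheduler's node selection described above can be sketched as a filter-then-score loop. This is an added example, not Kubernetes' own scheduler code; the `Node` and `Pod` classes, the scoring formula, and the sample capacities are assumptions constructed for illustration.

```python
from dataclasses import dataclass

# Constructed, simplified model: not the Kubernetes API types or the real scheduler code.
@dataclass
class Node:
    name: str
    cpu_milli: int        # allocatable CPU in millicores
    mem_mib: int          # allocatable memory in MiB
    used_cpu: int = 0     # requests already bound to this node
    used_mem: int = 0

@dataclass
class Pod:
    name: str
    cpu_milli: int        # CPU request
    mem_mib: int          # memory request

def fits(node, pod):
    """Filter step: the node must have room for the pod's requests."""
    return (node.used_cpu + pod.cpu_milli <= node.cpu_milli
            and node.used_mem + pod.mem_mib <= node.mem_mib)

def score(node, pod):
    """Score step: average fraction of CPU and memory left free after placement."""
    cpu_free = (node.cpu_milli - node.used_cpu - pod.cpu_milli) / node.cpu_milli
    mem_free = (node.mem_mib - node.used_mem - pod.mem_mib) / node.mem_mib
    return (cpu_free + mem_free) / 2

def schedule(nodes, pods):
    """Bind each pod to the best-scoring feasible node; None means it stays pending."""
    placement = {}
    for pod in pods:
        feasible = [n for n in nodes if fits(n, pod)]
        if not feasible:
            placement[pod.name] = None  # no node satisfies the resource limits
            continue
        best = max(feasible, key=lambda n: score(n, pod))
        best.used_cpu += pod.cpu_milli  # record the binding so later pods see less room
        best.used_mem += pod.mem_mib
        placement[pod.name] = best.name
    return placement

def demo():
    # Constructed sample cluster and workload.
    nodes = [Node("node-a", 2000, 4096), Node("node-b", 4000, 8192)]
    pods = [Pod("web", 500, 512), Pod("db", 3000, 6144),
            Pod("cache", 1000, 2048), Pod("batch", 2500, 1024)]
    return schedule(nodes, pods)

if __name__ == "__main__":
    print(demo())
```

The last pod is left unplaced because no node has enough free CPU for its request, which is how an oversized or unbounded workload ends up pending instead of starving its neighbours.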
The Kubernetes cluster consists of one or many nodes working together, forming a powerful computing unit. On each node, there can be several components that serve different purposes:
Kubelet is an agent that communicates with the control plane to ensure the containers in a pod are running. It receives the pod specifications through the API server and executes the action.
The kube-proxy serves as a network proxy and service load balancer on its node, and it either forwards traffic or relies on the packet filtering layer of the operating system to handle network communications both outside and inside the cluster.
Each node runs and manages container life cycles using a container runtime engine. Kubernetes supports Open Container Initiative-compliant runtimes such as Docker, CRI-O, and rkt.
